OWASP Based
#03
INFORMATION GATHERING
Open Source Reconnaissance
Fingerprinting Web Server
Looking For Metafiles
Enumerating Web Server’s Applications
Review The Web Contents
Identifying Application’s Entry Points
Mapping Execution Paths
Fingerprint Web Application Framework
Map Application Architecture
CONFIGURATION & DEPLOYMENT MANAGEMENT TESTING
Test Network Configuration
Test Application Configuration
Test File Extension Handling
Review Backup & Unreferenced Files
Enumerate Infrastructure & Admin Interfaces
Testing HTTP Methods
Test HSTS
Test RIA Cross Domain Policy
Test File Permission
Test For Subdomain Takeover
Test Cloud Storage
IDENTITY MANAGEMENT TESTING
Test Role Definitions
Test User Registration Process
Test Account Provisioning Process
Testing For Account Enumeration
Test For Weak Username Policy
AUTHENTICATION TESTING
Test For Un-Encrypted Channel
Test For Default Credentials
Test For Weak Lockout Mechanism
Test For Bypassing Authentication Schema
Test For Vulnerable Remember Password
Test For Browser Cache Weakness
Test For Weak Password Policy
Testing For Weak Security Questions
Test For Weak Password Reset Function
Test For Weak Password Change Function
Test For Weak Authentication In Alternative Channel
AUTHORIZATION TESTING
Testing Directory Traversal File Include
Testing Traversal With Encoding
Testing Travesal With Different OS Schemes
Test Other Encoding Techniques
Test Authorization Schema Bypass
Test For Privilege Escalation
Test For Insecure Direct Object Reference
SESSION MANAGEMENT TESTING
Test For Session Management Schema
Test For Cookie Attributes
Test For Session Fixation
Test For Exposed Session Variables
Test For Back Refresh Attack
Test For Cross Site Request Forgery
Test For Logout Functionality
Test For Session Timeout
Test For Session Puzzling
Test For Session Hijacking
INPUT VALIDATION TESTING
Test For Reflected Cross Site Scripting
Test For Stored Cross Site Scripting
Test For HTTP Parameter Pollution
Test For SQL Injection
Test For LDAP Injection
Testing For XML Injection
Test For Server Side Includes
Test For XPATH Injection
Test For IMAP SMTP Injection
Test For Local File Inclusion
Test For Remote File Inclusion
Test For Command Injection
Test For Format String Injection
Test For Host Header Injection
Test For Server Side Request Forgery
Test For Server Side Template Injection
ERROR HANDLING TESTING
Test For Improper Error Handling
WEAK CRYPTOGRAPHY TESTING
Test For Weak Transport Layer Security
BUSINESS LOGIC TESTING
Test For Business Logic
Test For Malicious File Upload
CLIENT SIDE TESTING
Test For DOM Based Cross Site Scripting
Test For URL Redirect
Test For Cross Origin Resource Sharing
Test For Clickjacking
OTHER COMMON ISSUES
Test For No-Rate Limiting
Test For EXIF Geodata
Test For Broken Link Hijack
Test For SPF
Test For Weak 2FA
Test For Weak OTP Implementation
Last updated